cta quote button US

Beware of Crypto Mining Browser Attacks

Read More

How Much Does It Cost to Hire Web Developers in Ukraine?

Our pricing is completely transparent: you pay your engineers’ salaries and a flat monthly fee for our services. No hidden charges.

Read More

A new type of attack on user browsers is intended to make money by silently mining bitcoins. Because bitcoins are so valuable these days, some hackers have moved on from stealing credit cards and instead go for your computing power. Crypto-mining hijackers steal your computer resources and use them to mine bitcoins for the attacker. With a large collection of users, the attacker is set to make thousands on bitcoin mining.

What is Crypto Mining?

if_bitcoin_idea_2444870Bitcoins are digital currency created after a user performs a mathematical equation on a computer. Depending on the computer resources, the equations take only milliseconds but every successful calculation renders the user a tiny fraction of a bitcoin. Bitcoins can be used to purchase items on the web, or the user can sell them to cryptocurrency traders for real cash.

Mining is a business for some people. They set up several machines and pool resources to perform calculations. With enough computing power, a miner can earn thousands every year in cryptocurrency. Bitcoin prices have soared recently. Within the last year, some cryptocurrency has gone from a few hundred dollars a bitcoin to tens of thousands of dollars. For an attacker, it’s much easier and accessible to steal computer resources in a web browser rather than attack a website for its credit card data.

Browser-Based Crypto Mining Attacks

if_bitcoin-crypto-currency-mining_2995029Web developers are able to embed connections from a front-end web page to a backend server. This technique is how an attacker attaches his web page to a pool of crypto miners. The web page has embedded code that connects to the attacker’s server and uses the computing power on the local client machine to perform calculations.

The downside of the attack is that it only lasts as long as the user has the web page open or for as long as they keep the browser opened. Like any other web application, once the user closes the page, the application no longer runs on the client machine.

Attackers have come up with a way to trick users into keeping the browser page open. They embed code into a pop-under window, which is a popup that doesn’t display in front of the user’s active browser. Instead, it opens behind the active browser, which hides it from the user who will likely avoid closing it since they don’t know that it’s there.

Even more sophisticated is an attacker’s throttle on the attack. Crypto mining can reduce performance when it uses all computer resources for calculations. Attackers throttle the attack and ensure that CPU usage is only at 80-90%. This leaves the user free to use the computer for other browsing and doesn’t cause the computer to crash which then forces the user to reboot and close the browser. Attackers are also coding their pop-unders to avoid popup blocker applications, so you can’t just rely on a popup blocker to protect your machine’s resources.

If you have a Windows machine, you can see the pop-under in the taskbar, but since Windows groups applications in its taskbar now, it’s not as easily noticeable. It’s up to the user to notice the pop-under, but not ever pop-under is malicious. A telltale sign of an attack is the immediate spike in CPU usage. When you close the pop-under, the CPU usage drops to normal levels. You can view this activity in Task Manager.

You can’t 100% avoid these attacks, but you can be aware of any strange performance struggles after you open a site. If you see this performance degradation, close the browser, look for pop-unders and close them, and your computer will be back to normal.

Need Inspiration? Check Out Some Related Projects and Tasks

Crypto Mining Website

Hi I require a website that offers crypto mining to visitors for an charity organization Suppose coinhive etc script must be implemented etc Example is: charitymine.org Please send me sample of ... (Australia)

Site With Crypto Mining Calculator

The site similar to www.cryptocompare.com/mining/calculator and https://coinmarketcap.com/calculator/ The design is simple - you can use bootstrap 4 or similar. ... (Russia)

Sentiment Analysis Tool Needed For Article Analysis

It is necessary to implement an application that will make use of machine learning, and to be more precise: Sentiment Analysis (https://en.wikipedia.org/wiki/Sentiment_analysis), the application will ... (Ukraine)

Set Up Node.js Miner In AWS For Crypto Mining Via TeamViewer

Hey UpWork Community! I´m looking for a skilled programmer who´s into crypto currency mining. I want to test a betaversion of a new blockchain called https://nimiq.com/. I use a MacBook with MacOS ... (Germany)

These results are based on the freelance jobs extracted from Upwork.

If you think your friends/network would find this useful, please share it with them – We’d really appreciate it.

Leave a Comment

We would be glad to get your feedback. Take a moment to comment and tell us what you think.

echo face

Get a FREE Consultation

- Want to learn more about how we work?
- Not sure if we meet all your criteria?
- Too shy or busy to give a call?